Hi Michael, Thanks for the helping hand. I assume (because I did not do it) the modem is NOT in bridge mode. It looks like the last set of instructs you tell me to do is exactly what I need. I will alias the nic to all my 30 addresses and use IPNAT to static NAT map them. I was a bit confused about what to do even though I knew about NAT. I hacked around but still couldn't see the servers behind the firewall. This would also allow me to setup a DMZ I presume. So I might put another NIC in the box and allocate some other private addresses to the facing NICs. Then prick a few holes in the firewall. Hmmm How am I doing now? PS Do I benefit from bridge mode on the modem?
Keith --- Micheal Patterson <[EMAIL PROTECTED]> wrote: > > ----- Original Message ----- > From: "Keith Spencer" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, June 28, 2003 5:25 PM > Subject: A routing/IP/NIC query < Expert required > > > > Hi all, > > I have a new adsl isp allocating my fbsd 4.7 box a > > routable IP (end user ip) > > I have 32 (read that as 30) ips of my own to use > and > > route for my domain. > > I have 2 NICs in the gateway/router > > How should I setup the IPs and aliases etc. I > > figure... > > (yyy.yyy.yyy.yyy = ISP end user ip they gave me) > > (xxx.xxx.xxx.xx1 = 1st usable ip in my 32 ip > range) > > (xxx.xxx.xxx.xx2 = 2nd usable ip in my 32 ip > range) > > Keith, it depends on what you're really wanting to > do in the end. It also > depends on if the DSL modem/router is in bridge mode > or not. If it isn't, > then the yyy.yyy.yyy.yyy IP may be assigned to the > DSL unit leaving you with > the remaining 30 real IP's for your systems behind > it. > > Assuming that the unit isn't in bridge mode (many > installs aren't) you can > set the FBSD box outside nic (toward the DSL unit) > to the first usable IP of > the range they provided) and configure it for bridge > mode and assign the > remaining IP's to the systems on your lan. > > Assuming that the unit IS in bridge mode, the > external nic would use the > yyy.yyy.yyy.yyy IP and the first usable IP would go > on your internal nic > (facing your lan) on the FBSD box and then you'd > assign the remainder of the > IP's to the systems on your lan. > > Assuming the dsl unit not in bridge mode and you > actually want to use the > 10.x.x.x IP range on the lan computers insteald of > the 30 provided, assign > all of the real IP's provided to the nic facing the > DSL unit and the first > of the 10.x.x.x range you want to use on the FBSD > nic facing your lan, then > configure NAT normally. To allocate traffic for a > real IP to an internal > 10.x.x.x IP for the two live servers, set up a > static nat on the FBSD box > ( -redirect_address 10.x.x.x.x xxx.xxx.xxx.xxx ) > for each of the systems > and they'll be reachable from the outside. > > -- > > Micheal Patterson > Network Administration > Cancer Care Network > 405-733-2230 > > _______________________________________________ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" http://mobile.yahoo.com.au - Yahoo! Mobile - Check & compose your email via SMS on your Telstra or Vodafone mobile. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"